US11397825B2 - Encrypted knowledge graph - Google Patents

Encrypted knowledge graph

Publication number
US11397825B2
Authority
US
United States
Prior art keywords
knowledge
user system
graph
user
subgraph
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active, expires
Application number
US16/536,342
Other languages
English (en)
Other versions
US20210042438A1 (en)
Inventor
Tim Uwe Scheideler
Arjun Udupi Raghavendra
Matthias SEUL
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Kyndryl Inc
Original Assignee
Kyndryl Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Kyndryl Inc
Assigned to INTERNATIONAL BUSINESS MACHINES CORPORATION. Assignment of assignors interest (see document for details). Assignors: SEUL, MATTHIAS; SCHEIDELER, Tim Uwe; UDUPI RAGHAVENDRA, Arjun
Priority to US16/536,342 (publication US11397825B2)
Priority to JP2022508465A (publication JP2022544484A)
Priority to PCT/IB2020/056940 (publication WO2021028748A1)
Priority to DE112020002859.3T (publication DE112020002859T5)
Priority to GB2117672.2A (publication GB2599043B)
Publication of US20210042438A1
Assigned to KYNDRYL, INC. Assignment of assignors interest (see document for details). Assignors: INTERNATIONAL BUSINESS MACHINES CORPORATION
Priority to US17/806,067 (publication US20220300638A1)
Publication of US11397825B2
Application granted
Legal status: active
Legal status: adjusted expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90 Details of database functions independent of the retrieved data types
    • G06F16/901 Indexing; Data structures therefor; Storage structures
    • G06F16/9024 Graphs; Linked lists
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06N COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N5/00 Computing arrangements using knowledge-based models
    • G06N5/02 Knowledge representation; Symbolic representation
    • G06N5/022 Knowledge engineering; Knowledge acquisition

Definitions

  • the invention relates generally to access rights in a knowledge management system, and more specifically, to managing access rights to a knowledge graph with content managed by a plurality of entities.
  • IT: enterprise information technology
  • knowledge graphs are used to store, manage, and process information outside of transactional systems.
  • Knowledge graphs are widely accepted instruments to organize a collaboration of people inside organizations and across departments and organizational boundaries.
  • a knowledge graph comprises at least facts collected from a plurality of sources that are typically stored in vertices, also referred to as nodes, of a mesh and edges, links between the nodes, that store the relationship between the vertices, and thus, a relationship between content items, i.e., facts, stored in the knowledge graph.
  • Typical knowledge graphs range in size between 1 million and 100 million vertices. Hence, storing and managing a knowledge graph may require a substantial amount of storage and computing capacities in a data center.
  • Knowledge graphs may typically be used to facilitate collaboration within and between organizations (companies, departments and their employees). Parts of an organization's knowledge graph may comprise confidential data whilst other portions should be made accessible to other selected organizations and/or users. Access control may be provided, e.g., by a central authority, as known in the art. However, a central authority has to be established and maintained consistently. Users have to register and, more importantly, trust the central authority because it maintains all credentials and it may have complete access to all information, restricted and unrestricted. Thus, a central authority may be prohibitive for self-organizing organizations and a decentralized responsibility for content. Furthermore, a central authority may delay required maintenance activities and/or granting and/or removing of access rights.
  • a computer-implemented method for managing access rights to a knowledge graph with content managed by a plurality of entities may comprise splitting, for each user system of a plurality of user systems, its respective portion of the knowledge graph into a plurality of knowledge subgraphs, encrypting each of the knowledge subgraphs using a private key of a knowledge-subgraph-specific asymmetric public/private key pair, and generating a plurality of private summary graphs, one for each user system.
  • each private summary graph may comprise one vertex for each knowledge subgraph of the user system.
  • each vertex may also comprise the knowledge-subgraph-specific asymmetric public/private key pair.
  • the method may further comprise maintaining a collaboration graph comprising one vertex per user system and edges representing collaborations between the users, mapping all private subgraphs of all user systems to one public summary graph, wherein each vertex of the public summary graph comprises less data than the related vertex of the related private summary graphs and wherein none of the vertices of the summary graph comprises any of the private keys used to encrypt any of the knowledge subgraphs, and granting access to a selected knowledge subgraph from a first user system to a second user system, by providing a decryption key relating to the selected knowledge subgraph from the first user system to the second user system.
  • a related knowledge graph management system for managing access rights to a knowledge graph.
  • the system may comprise a splitting unit adapted for splitting, for each user system of a plurality of user systems, its respective portion of the knowledge graph into a plurality of knowledge subgraphs, an encryption unit adapted for encrypting each of the knowledge subgraphs using a private key of a knowledge-subgraph-specific asymmetric public/private key pair, and a generator adapted for generating a plurality of private summary graphs, one for each user system.
  • each private summary graph may comprise one vertex for each knowledge subgraph of the user system, and each vertex may also comprise the knowledge-subgraph-specific asymmetric public/private key pair.
  • the system may comprise a management unit adapted for maintaining a collaboration graph comprising one vertex per user system and edges representing collaborations between the users, a mapping module adapted for mapping all private subgraphs of all user systems to one public summary graph.
  • each vertex of the public summary graph may comprise less data than the related vertex of the related private summary graphs; none of the vertices of the summary graph may comprise any of the private keys used to encrypt any of the knowledge subgraphs.
  • an access module may be adapted for granting access to a selected knowledge subgraph, from a first user system to a second user system, by providing a decryption key relating to the selected knowledge subgraph from the first user system to the second user system.
  • the present invention may allow an easy, straightforward, effective and efficient way for sharing data and knowledge by the plurality of knowledge graphs—or portions thereof—without requiring a central authentication, authorization and management instance.
  • a decision about access rights is managed directly by the content owners with their related client systems.
  • the control of access management to the knowledge subgraphs is distributed to the users directly. Users “owning” some content in form of a knowledge subgraph decide themselves to whom access is granted and to whom not. Also, the process of revoking access to a particular knowledge subgraph may be in the hand of the knowledge owners.
  • the layered architecture, in particular the private summary graph layer, the collaboration graph layer and the public summary graph, is instrumental in achieving the fine-granular decentralized access control management of the knowledge subgraphs.
  • the method may also comprise revoking access to the selected knowledge subgraph to the second user system by re-encrypting the selected knowledge subgraph with a new private key of a knowledge-subgraph-specific asymmetric public/private key pair.
  • the owner of content may have complete control over his content. Even once access is granted to another user, the content owner may revoke access to the content at any time.
  • each vertex of each private subgraph may comprise a summary description of the content of the related knowledge subgraphs.
  • the private subgraphs may become an intermediate layer to content that is owned by a specific user, as well as content that is owned by another user.
  • the method may also comprise joining the collaboration graph by creating an account for a new user system in the collaboration graph, the new user system being represented by a new vertex, splitting the content of an outside knowledge graph—in particular outside the main knowledge graph—into a plurality of outside knowledge subgraphs, encrypting the outside knowledge subgraphs, as well as the main knowledge graph, and uploading the outside knowledge subgraphs to the knowledge graph.
  • new users may at any time decide to share their content with other users already being organized using the main content knowledge graph.
  • a new user may also decide which portion of his content—i.e., of the knowledge graph he or she manages—shall be shareable with other users.
  • the method may also comprise searching through the public summary graph by searching through summary content of the vertices of the public summary graph.
  • the summary knowledge graph is not access restricted. Thus, all users may search through this public area of the knowledge graph. However, this does not mean that the user has access to content related to a vertex in the private summary graph. The user may be required to request access to the underlying detailed knowledge graph—i.e., the related content graph.
  • the method may also comprise granting read access to a knowledge subgraph of a first user system—in particular after receiving an access grant request to a third user system—i.e., any other content of the participating user—by providing, i.e., sending, the public portion of the public/private key pair of the vertex relating the knowledge graph to be granted access to, from the first user system to the third user system.
  • the transmission may be encrypted by the public key of the third user system.
  • the third user system may generate/define links between elements of its knowledge subgraph and that of the first user system, as well as add a new vertex in the third user system's private summary graph. This may allow a large degree of flexibility of fine-grained content access control.
  • the method may also comprise adding edges between vertices of the knowledge subgraph of the first user system and the knowledge subgraph of the third user system by the third user system.
  • the method may also comprise granting write access to a knowledge subgraph of a first user system—in particular and again, after receiving a related write request—to a third user system by providing (also here, by sending it) the private/public key pair of the vertex relating the knowledge graph to be granted access to, from the first user system to the third user system, and enabling a rollback option for the first user system after the third user system has changed a vertex—in particular, at least one—of a knowledge subgraph relating to the first user system.
  • any user of the system may also have optionally total control over the management—in particular changing and adding new content—of that part of the knowledge graph owned by that specific user.
  • the knowledge graph may be selected out of the group comprising a collection of flat files, a relational database or an object database, and a graph database.
  • a graph database may be used for the present invention.
  • the method may also comprise enabling all user systems—having installed the appropriate client application—sharing an access to a joint knowledge graph to perform the activity steps of splitting, encrypting, generating, maintaining, mapping, and granting.
  • This set of features may support a proper management of the underlying content sharing concept.
  • the knowledge subgraphs may partially be distributed across different storage platforms.
  • the main knowledge graph may not necessarily be one consistent knowledge graph in one single storage system—but a collection of a plurality of knowledge subgraphs distributed across different systems and potentially also across different locations.
  • embodiments may take the form of a related computer program product, accessible from a computer-usable or computer-readable medium providing program code for use, by, or in connection, with a computer or any instruction execution system.
  • a computer-usable or computer-readable medium may be any apparatus that may contain means for storing, communicating, propagating or transporting the program for use, by, or in connection, with the instruction execution system, apparatus, or device.
  • FIG. 1 shows a block diagram of an embodiment of a computer-implemented method for managing access rights to a knowledge graph with content managed by a plurality of entities.
  • FIG. 2 shows a block diagram of an embodiment of a plurality of user systems in a communicative connection to a central storage.
  • FIG. 3 shows a block diagram of an embodiment of the layered architecture of the present invention.
  • FIG. 4 shows a diagram of an embodiment of the layered architecture with a granted access to additional knowledge subgraphs.
  • FIG. 5 shows a block diagram of a flowchart of the sub-processes “grant access” and “write access”.
  • FIG. 6 shows a block diagram of a flowchart of the sub-process “remove access”.
  • FIG. 7 shows a block-diagram of a system for managing access rights to a knowledge graph with content managed by a plurality of entities.
  • FIG. 8 shows a block diagram of a computing system instrumental for the present invention.
  • a disadvantage of known solutions remains to be the central management and the inability of known solutions to share parts of knowledge graphs with other departments and/or organizations without requiring a central authority for authentication and authorization.
  • An administrator, having super-user rights, should be made redundant and superfluous.
  • the term ‘knowledge graph’ may denote a semantically organized data pool relating entities—i.e., content items—to each other.
  • the content items may be represented as vertices (or nodes) that are selectively linked by edges (or links) defining the relationship between the content items.
  • the knowledge graph may be organized as a plurality of flat files, as well as in one or more databases.
  • the term ‘user system’ may denote a computing system, typically a personal computer or workstation adapted to execute software applications under the control of an operating system.
  • the client referred to throughout the present invention may denote the software application.
  • a user may be represented by such a workstation.
  • the term ‘knowledge-subgraph-specific asymmetric public/private key pair’ may denote a public/private key pair generated exclusively for a dedicated knowledge subgraph. The generation may be performed by the client (application). The public part may be shared and the private key may only be accessible by a very restricted group of systems, typically those having access to the content items of the knowledge subgraphs.
  • private summary graphs may denote a layer in the layered architecture organized one level above the knowledge subgraph. It may be used to organize the different knowledge subgraphs in the content level.
  • vertex may denote a logical entity representing content or users in a knowledge graph. Vertices may also be used for management purposes. The vertices may selectively be linked by edges representing dependencies between content items, users, access rights and/or a mixture of them.
  • the term ‘content graph’ may denote the lowest level of the content graph architecture.
  • the content graph is composed of a plurality of knowledge subgraphs comprising vertices representing the content items.
  • the terms ‘content graph’ and ‘knowledge graph’ may be used synonymously; however, it may be understood that the lowest level may comprise a plurality of knowledge subgraphs which may be connected to build a complete content graph or a plurality of content graphs not being connected because users did not build links between them.
  • private summary graph may denote a knowledge graph layer above the content graph comprising one vertex for each subgraph of the content graph, subgraphs of a user as well as of collaborators.
  • a vertex of the private summary graph represents a summary of the corresponding subgraphs as well as additional management information (i.e., encryption/decryption keys).
  • collaboration graph may denote the next knowledge graph layer above the private summary graph.
  • Each vertex of the collaboration graph may represent a user of the knowledge graph. From here, links may go to all content items of all knowledge subgraphs of the content graph layer the user has access to, his own knowledge subgraphs, as well as to those knowledge subgraphs of collaborators he or she has access to.
  • the term ‘public summary graph’ may represent the content of the content graph layer—i.e., the summary of the knowledge subgraphs—in a summarized form.
  • the public summary graph may represent the highest layer of the knowledge graph architecture.
  • a vertex of the public summary graph may comprise only the summary of the corresponding knowledge subgraphs.
  • the public summary graph may represent the initial search and navigation layer with unrestricted access by all users.
  • collaboration may denote here that a user allows access to content subgraphs he or she manages to another user.
  • the term ‘access’ may denote that a user not owning and managing a content subgraph may have allowed another user to read the content.
  • the owning user may also allow another user, i.e., a collaborator, to write new content to the subgraphs or also change existing content, i.e., write access.
  • re-encrypting may denote that subgraphs—in particular the information stored in the vertices of subgraphs—may be re-encrypted with a new key directly without decrypting it and storing it immediately. This way, content items of a subgraph may never be exposed during the period between decryption and a new encryption.
  • the re-encryption is the basis for revoking access to content items in respect to a user which may have had access to it before.
  • FIG. 1 shows a block diagram of an embodiment of the computer-implemented method 100 for managing access rights to a knowledge graph with content managed by a plurality of entities.
  • users are represented by their computer system (i.e., workstation) running an application and/or a browser.
  • the method 100 comprises splitting, 102 , for each user system—representing a specific user—of a plurality of user systems, its respective portion of the knowledge graph into a plurality of knowledge subgraphs; encrypting, 104 , each of the knowledge subgraphs using a private key of a knowledge-subgraph-specific asymmetric public/private key pair; and generating, 106 , a plurality of private summary graphs, one for each user system, wherein each private summary graph comprises one vertex—in particular, exactly one—for each knowledge subgraph of the user system.
  • each vertex also comprises the knowledge-subgraph-specific asymmetric public/private key pair, i.e., an encryption key as well as a decryption key.
  • the method 100 also comprises maintaining, 108 , a collaboration graph comprising one vertex per user system and edges representing collaborations between the users; and mapping, 110 , all private subgraphs of all user systems to one public summary graph, wherein each vertex of the public summary graph comprises less data than—or an equal number to—the related vertex of the related private summary graphs, and wherein none of the vertices of the summary graph comprises any of the private keys used to encrypt any of the knowledge subgraphs.
  • the method 100 also comprises granting, 112 , access to a selected knowledge subgraph from a first user system to a second user system, by providing a decryption key relating to the selected knowledge subgraph from the first user system to the second user system.
  • FIG. 2 shows a block diagram 200 of an embodiment of a plurality of user systems in communicative connection (wire-bound or wireless network) to a central storage.
  • the underlying infrastructure comprises only two types of principal components, user workstations 202 , 204 , 206 , 208 running the client (a software application) and shared storage 210 , e.g., publicly accessible cloud storage.
  • the knowledge graphs are encrypted and stored on shared storage 210 . Only the summary graph is stored unencrypted and can be accessed by all user systems. All other data is protected by encryption from access. Access must be granted individually.
  • shared storage 210 is provided as flat file storage, in another implementation as a relational database management system (RDBMS).
  • the client (application) running on the user's workstation generates sets of asymmetric encryption keys used, performs encryption and decryption, and accesses the knowledge graphs.
  • the present invention is based on four levels of knowledge graphs.
  • (i) the actual (formerly unencrypted) knowledge graph is called the content graph and is divided into several subgraphs, allowing specific users to access specific content. The access may be role-based.
  • (ii) the subgraphs and their encryptions are handled by the private summary graph, which is itself encrypted.
  • (iii) the collaboration graph connects the users, which are presented as vertices, and transports shared encrypted keys.
  • (iv) the unencrypted public graph allows users to search content owned by fellow collaborators.
  • users can start collaborating with fellow collaborators, i.e., other users, i.e., other user computer systems, i.e. other workstations.
  • FIG. 3 shows a block diagram of an embodiment of the layered architecture 300 of the present invention.
  • Four layers of knowledge graphs are shown: the public knowledge graph 302 , the collaboration graph 304 , the private summary graph 306 , and the content graph 308 comprising a plurality of knowledge subgraphs.
  • the different knowledge graph layers are separated by horizontal dashed lines.
  • Edges are stored on the links between vertices. Say vertices A and B are connected: a reference to B is stored on A and a reference to A is stored on B. In some cases, the attributes of the partial edge from A to B and B to A may differ.
  • a summary of a graph comprises one or more of the following: the abstraction of its structure (like a coarse graph), tags assigned to vertices, keywords of the vertices content, and a list of vertices.
  • Asymmetric encryption is used to protect content and make content available to selected individuals or groups.
  • Asymmetric cryptography is used in such a way that users generate key pairs consisting of a key for encryption K_enc (also known as the private key) and a key for decryption K_dec (also known as the public key).
  • the activities of key generation, encryption, and decryption are done by the client on the user's workstation.
  • a certificate authority like public key infrastructure (PKI) is advantageously not required.
  • the lowest level contains the content graph(s) 308 , i.e., the knowledge subgraphs. Its source is the original, unencrypted knowledge graph.
  • the content graph 308 has been divided into knowledge subgraphs so that individual sets of content 310 , 312 , 314 (subgraphs) can be shared with fellow collaborators.
  • the owner of a specific knowledge graph can take various approaches to define subgraphs.
  • the owner defines subgraphs based on content and potential collaborators.
  • the owner uses an algorithm to find community structures and uses them to divide the knowledge graph based on its structure. Algorithms for finding communities may comprise the minimum-cut method, hierarchical clustering, the Girvan-Newman algorithm, modularity maximization, statistical inference, and clique-based methods. Densely linked areas form a center of a subgraph and loosely coupled vertices are distributed among different subgraphs.
  • the owner groups the vertices by content, e.g. the owner generates a list of topics and each vertex is assigned to the closest matching topic.
  • a combination of the above e.g. the owner generates a list of topics and each vertex is assigned to the closest matching topic.
  • Each subgraph (J, K, L) 310 , 312 , 314 is encrypted with a different private key. By sharing the corresponding decryption key, access to a subgraph can be given to other users.
  • the content graph may contain links to graphs owned by other users (see dotted lines 406 in FIG. 4 ).
  • the private summary graph 306 comprises one vertex for each subgraph of the content graph 308 —both own subgraphs and subgraphs of collaborators. Two vertices in the private summary graph 306 are linked if there exists at least one edge between the vertices of the respective subgraphs.
  • Each vertex of the private summary graph 306 includes: a list of vertices of the corresponding subgraph; a summary of the corresponding subgraph; for own subgraphs and for subgraphs of collaborators with write access, the decryption and encryption key of the corresponding subgraph; for subgraphs of collaborators with read-only access, the decryption key of the corresponding subgraph; and the storage location of the subgraph. It may also be noted that the private summary graph is encrypted. Initially, the key for decryption is not to be shared.
  • the collaboration graph 304 represents the connections with knowledge graphs of other users (e.g., U, C, D, B). Vertices represent users (the user itself and the collaborators). Each user U, C, D, B has a unique identifier assigned that is generated when the user joins the system. Edges between the vertices of the collaboration graph summarize the edges created between vertices of the user's subgraph(s) and the collaborator's graph(s). In case more than one collaborator granted access to its subgraph(s) and edges between their subgraphs have been found, the linkage between the collaborators' subgraphs is summarized in the collaboration graph (e.g., between vertices B and C).
  • a vertex in the collaboration graph 304 representing the user (e.g., U, C, D, B), is linked to all vertices owned by the user in both the public summary graph 302 and private summary graph 306 .
  • a collaborator can in principle follow an edge to a vertex located in the private summary graph 306 but cannot access the vertex (and its subsequent edges) as the vertex is encrypted.
  • a user vertex also receives and stores access request from collaborators.
  • the public summary graph 302 comprises (as the private summary graph 306 ) one vertex (e.g., J, K, L, N, O) for each subgraph. However, a vertex only comprises the summary of the corresponding subgraph. It does not comprise keys or a list of vertices.
  • the summary on the public summary graph 302 may not contain the level of information as on the private summary graph. However, it should be comprehensive enough to produce a meaningful search result.
  • a vertex also contains the storage location of the subgraph in the content graph. Each vertex is linked to the user vertex of the vertex owner.
  • the client will add an edge between the vertices of different owners only once a (at least unilateral) collaboration has been established and at least one edge between the corresponding subgraphs of the content graph has been added.
  • the central knowledge graph storage (see FIG. 2, 210 ) is implemented as a set of flat files, a vertex is represented by a file and edges are stored in the vertex file as references to other files (i.e., path and file name).
  • an industry standard knowledge graph database is used.
  • These graph databases are relational databases, in which each object (a vertex) has a primary, unique key.
  • Other objects related to an object (vertices connected by edges) are referred to by “foreign keys”, which are the values of primary keys stored as an attribute in the object.
  • the public summary graph 302 is disjointed, i.e., two or more subgraphs are not sharing edges. This is at least the case when a new user joins (see below). After having joined and shared subgraphs, respective users may define edges between subgraphs.
  • the client accesses the table of vertices of the public summary graph 302 , which comprises for each vertex a pointer to the content (called “storage location” above).
  • the client scans the storage system for graph databases and accesses each database's table of vertices of the public summary graph, which contains for each vertex a pointer to the content (called “storage location” above).
  • the primary keys are not unique across the databases; therefore, edges are implemented as a tuple (database identifier, primary key).
  • If a new user wants to join the collaboration network, he or she has to subscribe to the shared storage.
  • Each user must have a client installed on their workstation supporting accessing and maintaining a knowledge graph.
  • the user creates a vertex representing himself/herself in the collaboration graph 304 (exemplary shown as user A in FIG. 3 ). Initially, the vertex representing the user is not linked to any other vertex.
  • the user decides on the number of initial subgraphs.
  • On the workstation, the user generates the subgraphs either by populating them with vertices and edges or by importing an existing knowledge graph and dividing it into subgraphs, as described above.
  • the client encrypts each subgraph with the corresponding key Key i enc and uploads the subgraph to the central storage. As edges are stored with the vertices, edges connecting subgraphs are found in both subgraphs.
  • For each subgraph uploaded, the client adds a vertex to the summary graph and adds the edges to the vertex, as described above.
  • the user's client generates the “user specific” key pair Key A enc and Key A dec and encrypts the private summary graph with this key.
  • Key A dec is stored only on the user's workstation and is never shared.
  • Key A enc is stored on the collaboration graph, accessible for (potential) collaborators.
  • any graph search algorithm can be used.
  • an algorithm for sparsely linked graphs is used.
  • the graph database table(s) listing the summary graph vertices J, K, L, N, O can be traversed in a known manner.
  • FIG. 4 shows a diagram of an embodiment of the layered architecture 400 with a granted access to additional knowledge subgraphs.
  • FIG. 4 describes the grant access process to content of another user.
  • FIG. 5 shows a block diagram of flowchart 500 of the sub-processes “grant access” and “write access”.
  • a first user e.g., user A
  • content of interest in one or more subgraphs owned by second user e.g., user B
  • user A requests, 504 , access to these subgraph(s)—e.g., subgraphs 402 , 404 .
  • the client of user A stores an access request on the vertex of user B in the collaboration graph 306 .
  • the client of user B picks up the request.
  • User B receives, 506 , a notification and can grant (or deny) access.
  • the client of user B retrieves, 510 , the decryption key(s) of the content subgraph(s) (e.g., 402 , 404 , FIG. 4 ) from the corresponding vertices of the private summary nodes N, O, then, encrypts, 512 , these decryption keys of the private summary graph 306 with the encryption key of user A (retrieved from the collaboration graph) and stores them on user A's vertex in the collaboration graph 304 .
  • FIG. 4 showing a user A centric view, has been extended showing also the details for user B indicated by dashed lines from vertex N of the left private summary graph 306 to subgraph 402 and from vertex O of the left private summary graph 306 (surrounded by dashed lines) to subgraph 404 .
  • user A searched the public summary graph 302 and found interesting content on the vertices N and O. It is noted that user A had started the search either on vertex N or O, or on a vertex connected via a path to N or O as at this point of time a (direct) connection between L and N does not exist.
  • the client of user A identifies the vertices N and O to be owned by user B and creates an access request on the vertex of user B.
  • User B grants access, 514 .
  • the client of user B retrieves the encryption key of user A (Key A enc ) from the collaboration graph 304 and two decryption keys Key N dec and Key O dec from its own private summary graph 306 (right portion of that graph layer).
  • Using Key A enc , the client of user B encrypts Key N dec and Key O dec and stores, 516 , them on the vertex of user A in the collaboration graph 308 .
  • the client of user A retrieves the two encrypted keys from the vertex of user A and decrypts them using Key A dec .
  • In the workstation memory, the client generates two summary vertices N and O by copying the vertices of the public summary graph, storing Key N dec and Key O dec correspondingly and (optionally) enriching the two new vertices N and O by summarizing the subgraphs 402 , 404 relating to vertices N and O by an algorithm pre-selected by user A.
  • the client encrypts the two new summary nodes using Key A enc and adds them to the private summary graph 306 (right portion of the knowledge graph layer) of user A.
  • Modifying of vertices or edges of an encrypted knowledge graph implies that encryption is included in the write process.
  • If the storage is implemented as flat files (each file representing a vertex and its edges), the user has to encrypt only one file per vertex update.
  • column level encryption or (preferably) field level encryption is used to minimize the computational effort for a vertex update.
  • the storage may allow unrestricted write access for all users. This implies that (1) a collaborator who received the appropriate encryption key can update content in such a way that the owner cannot distinguish which one of the collaborators updated a vertex if several collaborators received write access and (2) any user can delete content independent of a possession of a key.
  • a hash key is calculated after a write operation. It is to be noted that a deletion will result in the hash key 0.
  • the owner maintains a register of all hash keys of its subgraphs and a backup of all subgraphs. These can be either stored on the user's workstation or on a separate central storage system (not shown).
  • the client checks the actual hash keys, and, in case of the deviation, informs the user about a write or deletion activity on a subgraph. The user can decide on a roll-back operation.
  • requesting and granting write access works in the same way as requesting and granting read access, but, in addition to the decryption keys, the encryption keys for the subgraphs in scope must be added (in an encrypted format) to the collaboration graph of the requester and in turn to the private summary graph of the requester.
  • This approach has the advantage that modifications can be performed by invited collaborators in real-time.
  • only the creator of a subgraph is allowed to modify the subgraph, or, more precisely, the data object containing the subgraph.
  • the data object can be a directory.
  • the data object is a database table.
  • When a user joins the system, the client generates a user ID.
  • the user ID is stored on the workstation. Whenever a new subgraph/data object is created, this user ID is stored as metadata with the data object.
  • the client sends the user ID with every write request.
  • When the storage receives a write request to the data object, the user ID is compared to the metadata of the data object and, only in the case of a match, the storage system performs the write operation. Updates by collaborators are transported (via the owner's user vertex) to the owner of the subgraph as changed vertices, i.e., either as a flat file or as a database table row.
  • the owner's client displays the change in conjunction with the surrounding knowledge graph to the owner, and the owner decides whether to accept or reject the change. For trusted collaborators, the owner may decide to auto-accept changes. Upon acceptance, the owner's client adds the changes to the subgraph encrypted with the appropriate key of the subgraph.
  • This approach has the advantage that the owner controls modifications before they are effective. Thus, a higher level of content consistency can be achieved in a collaborative environment.
  • Removal of access is performed using re-encryption, which means that content encrypted with Key X enc and which can so far be decrypted using Key X dec is processed in such a way that it can be only decrypted using the new Key′ dec .
  • For re-encryption, a combination of Key X dec and Key Y enc is used.
  • re-encryption is mostly discussed in the context of proxy re-encryption (PRE).
  • a combined key is generated to re-encrypt a subgraph directly, i.e., without decrypting it first and encrypting it subsequently, meaning without leaving the subgraph exposed during the period between the end of decryption and the start of encryption.
  • FIG. 6 shows a block diagram of a flowchart of the sub-process “remove access”.
  • user B wants to remove access for user A to subgraph N only, 602 .
  • the client of user B generates, 604 , a new key pair (Key M dec , Key M enc ) and a combined key [Key N dec
  • the client re-encrypts, 606 , subgraph N with the key [Key N dec
  • the client of user A removes, 610 , the summary node from the private summary graph of user A.
  • the client of user B also stores a notification of re-encryption on the vertices of user C and user D together with the new decryption key Key M dec , encrypted with Key C enc and Key D enc respectively, thus ensuring that only users C and D can use Key M dec .
  • a graph search starts at a given vertex (or a set of vertices for parallel search) and traverses the graph by following the edges.
  • the given vertex is decrypted (if it is not already found unencrypted in the client's buffer).
  • When the search processes the first vertex, all vertices connected to the first vertex are decrypted.
  • When the search processes the content of the n th vertex, all vertices connected to the n th vertex are decrypted.
  • If the client buffer runs full, the vertices at the beginning of the search path are removed from the buffer.
  • the search process checks in advance in the private summary graph whether the current decryption key is valid for the subsequent vertex. In another implementation, the search process only retrieves an encryption key from the summary graph after the decryption of a vertex failed due to using a wrong key.
  • the search algorithm regards the edge to the subgraph as non-existing and redirects the search path.
  • If the owner of a subgraph wants to share only parts of the subgraph with a collaborator, the owner must split the subgraph.
  • the client decrypts the subgraph on the workstation, splits the subgraph using the selected method, encrypts the new set of subgraphs with new, distinct keys, replaces the single subgraph by the set of subgraphs in question, and updates the public summary graph and the owner's private summary graph. So that the collaborators keep their access, the client encrypts the new set of subgraph encryption keys with the collaborators encryption keys and stores them on the respective users' vertices. Additionally, a message is stored on the users' vertices referring to the updated public summary graph, so that each collaborator's client can update the private summary graph accordingly.
  • If the owner of a subgraph wants to consolidate several subgraphs into one subgraph, the owner selects the subgraphs in the client.
  • the client determines the largest of the subgraphs either in terms of number of vertices or in terms of overall storage used by the vertices.
  • the client decrypts the other n − 1 subgraphs on the workstations, encrypts them with the encryption key of the largest subgraph, replaces the subgraphs with the newly encrypted subgraphs, and updates the public summary graph and the owner's private summary graph.
  • Concerning the collaborators who had former access to at least the largest subgraph the client stores a message on the collaborators' vertices informing them about the update to the summary graph.
  • Concerning the collaborators who had former access to other subgraphs but not to the largest subgraph the client stores the personally encrypted subgraph encryption key and a message on the collaborators' vertices informing them about the update to the summary graph.
  • the owner could decide not to grant access to consolidated graphs to collaborators who had not access to all subgraphs in the first place.
  • FIG. 7 shows a block diagram of the knowledge graph management system 700 for managing access rights to a knowledge graph stored in one or more storage units with content managed by a plurality of entities.
  • the system 700 comprises a splitting unit 702 adapted for splitting, for each user system of a plurality of user systems, its respective portion of the knowledge graph into a plurality of knowledge subgraphs (see FIG. 3, 312, 312, 314 ), an encryption unit 704 adapted for encrypting each of the knowledge subgraphs using a private key of a knowledge-subgraph-specific asymmetric public/private key pair, and a generator 706 adapted for generating a plurality of private summary graphs, one for each user system.
  • each private summary graph (see FIG. 3, 306 ) comprises one vertex for each knowledge subgraph of the user system, wherein each vertex also comprises the knowledge-subgraph-specific asymmetric public/private key pair.
  • the system 700 also comprises a management unit 708 adapted for maintaining a collaboration graph, comprising one vertex per user system and edges representing collaborations between the users; a mapping module 710 adapted for mapping all private subgraphs of all user systems to one public summary graph, wherein each vertex of the public summary graph comprises less data than the related vertex of the related private summary graphs, and wherein none of the vertices of the summary graph comprises any of the private keys used to encrypt any of the knowledge subgraphs; and an access module 712 adapted for granting access to a selected knowledge subgraph from a first user system to a second user system, by providing a decryption key relating to the selected knowledge subgraph from the first user system to the second user system.
  • FIG. 8 shows, as an example, a computing system 800 suitable for executing program code related to the proposed method.
  • Each workstation 202 may be implemented in form of the computing system 800 , as well as any system controlling the central storage system 204 (see FIG. 2 ) and the nodes and servers controlling the knowledge graphs and knowledge subgraphs.
  • the computing system 800 is only one example of a suitable computer system and is not intended to suggest any limitation as to the scope of use or functionality of embodiments of the invention described herein, regardless, whether the computer system 800 is capable of being implemented and/or performing any of the functionality set forth hereinabove.
  • In the computer system 800 , there are components which are operational with numerous other general purpose or special purpose computing system environments or configurations.
  • Examples of well-known computing systems, environments, and/or configurations that may be suitable for use with computer system/server 800 include, but are not limited to, personal computer systems, server computer systems, thin clients, thick clients, hand-held or laptop devices, multiprocessor systems, microprocessor-based systems, set top boxes, programmable consumer electronics, network PCs, minicomputer systems, mainframe computer systems, and distributed cloud computing environments that include any of the above systems or devices, and the like.
  • Computer system/server 800 may be described in the general context of computer system-executable instructions, such as program modules, being executed by a computer system 800 .
  • program modules may include routines, programs, objects, components, logic, data structures, and so on that perform particular tasks or implement particular abstract data types.
  • Computer system/server 800 may be practiced in distributed cloud computing environments where tasks are performed by remote processing devices that are linked through a communications network.
  • program modules may be located in both, local and remote computer system storage media, including memory storage devices.
  • computer system/server 800 is shown in the form of a general-purpose computing device.
  • the components of computer system/server 800 may include, but are not limited to, one or more processors or processing units 802 , a system memory 804 , and a bus 806 that couple various system components including system memory 804 to the processor 802 .
  • Bus 806 represents one or more of any of several types of bus structures, including a memory bus or memory controller, a peripheral bus, an accelerated graphics port, and a processor or local bus using any of a variety of bus architectures.
  • Computer system/server 800 typically includes a variety of computer system readable media. Such media may be any available media that is accessible by computer system/server 800 , and it includes both, volatile and non-volatile media, removable and non-removable media.
  • the system memory 804 may include computer system readable media in the form of volatile memory, such as random access memory (RAM) 808 and/or cache memory 810 .
  • Computer system/server 800 may further include other removable/non-removable, volatile/non-volatile computer system storage media.
  • a storage system 812 may be provided for reading from and writing to a non-removable, non-volatile magnetic media (not shown and typically called a ‘hard drive’).
  • a magnetic disk drive for reading from and writing to a removable, non-volatile magnetic disk (e.g., a ‘floppy disk’), and an optical disk drive for reading from or writing to a removable, non-volatile optical disk such as a CD-ROM, DVD-ROM or other optical media may be provided.
  • each can be connected to bus 806 by one or more data media interfaces.
  • memory 804 may include at least one program product having a set (e.g., at least one) of program modules that are configured to carry out the functions of embodiments of the invention.
  • the program/utility having a set (at least one) of program modules 816 , may be stored in memory 804 by way of example, and not limiting, as well as an operating system, one or more application programs, other program modules, and program data. Each of the operating systems, one or more application programs, other program modules, and program data or some combination thereof, may include an implementation of a networking environment.
  • Program modules 816 generally carry out the functions and/or methodologies of embodiments of the invention, as described herein.
  • the computer system/server 800 may also communicate with one or more external devices 818 such as a keyboard, a pointing device, a display 820 , etc.; one or more devices that enable a user to interact with computer system/server 800 ; and/or any devices (e.g., network card, modem, etc.) that enable computer system/server 800 to communicate with one or more other computing devices. Such communication can occur via input/output (I/O) interfaces 814 . Still yet, computer system/server 800 may communicate with one or more networks such as a local area network (LAN), a general wide area network (WAN), and/or a public network (e.g., the Internet) via network adapter 822 .
  • network adapter 822 may communicate with the other components of the computer system/server 800 via bus 806 .
  • It should be understood that, although not shown, other hardware and/or software components could be used in conjunction with computer system/server 800 . Examples include, but are not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data archival storage systems, etc.
  • the present invention may be a system, a method, and/or a computer program product.
  • the computer program product may include a computer readable storage medium (or media) having computer readable program instructions thereon for causing a processor to carry out aspects of the present invention.
  • the computer readable storage medium can be a tangible device that can retain and store instructions for use by an instruction execution device.
  • the computer readable storage medium may be, for example, but is not limited to, an electronic storage device, a magnetic storage device, an optical storage device, an electromagnetic storage device, a semiconductor storage device, or any suitable combination of the foregoing.
  • a non-exhaustive list of more specific examples of the computer readable storage medium includes the following: a portable computer diskette, a hard disk, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or Flash memory), a static random access memory (SRAM), a portable compact disc read-only memory (CD-ROM), a digital versatile disk (DVD), a memory stick, a floppy disk, a mechanically encoded device such as punch-cards or raised structures in a groove having instructions recorded thereon, and any suitable combination of the foregoing.
  • a computer readable storage medium is not to be construed as being transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through a waveguide or other transmission media (e.g., light pulses passing through a fiber-optic cable), or electrical signals transmitted through a wire.
  • Computer readable program instructions described herein can be downloaded to respective computing/processing devices from a computer readable storage medium or to an external computer or external storage device via a network, for example, the Internet, a local area network, a wide area network and/or a wireless network.
  • the network may comprise copper transmission cables, optical transmission fibers, wireless transmission, routers, firewalls, switches, gateway computers and/or edge servers.
  • a network adapter card or network interface in each computing/processing device receives computer readable program instructions from the network and forwards the computer readable program instructions for storage in a computer readable storage medium within the respective computing/processing device.
  • Computer readable program instructions for carrying out operations of the present invention may be assembler instructions, instruction-set-architecture (ISA) instructions, machine instructions, machine dependent instructions, microcode, firmware instructions, state-setting data, or either source code or object code written in any combination of one or more programming languages, including an object oriented programming language such as Smalltalk, C++ or the like, and conventional procedural programming languages, such as the “C” programming language or similar programming languages.
  • the computer readable program instructions may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server.
  • the remote computer may be connected to the user's computer through any type of network, including a local area network (LAN) or a wide area network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet Service Provider).
  • electronic circuitry including, for example, programmable logic circuitry, field-programmable gate arrays (FPGA), or programmable logic arrays (PLA) may execute the computer readable program instructions by utilizing state information of the computer readable program instructions to personalize the electronic circuitry, in order to perform aspects of the present invention.
  • These computer readable program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks.
  • These computer readable program instructions may also be stored in a computer readable storage medium that can direct a computer, a programmable data processing apparatus, and/or other devices to function in a particular manner, such that the computer readable storage medium having instructions stored therein comprises an article of manufacture including instructions which implement aspects of the function/act specified in the flowchart and/or block diagram block or blocks.
  • the computer readable program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other device to cause a series of operational steps to be performed on the computer, other programmable apparatus or other device to produce a computer implemented process, such that the instructions which execute on the computer, other programmable apparatus, or other device implement the functions/acts specified in the flowchart and/or block diagram block or blocks.
  • each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s).
  • the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved.
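The owner-side hash register described earlier for storage with unrestricted write access (a hash key calculated after each write, hash key 0 after a deletion, a backup for roll-back) is shown here as an added example; it is not code from the patent. SHA-256, the dict standing in for the central storage, and the names `OwnerRegister`, `subgraph_hash` and the sample blobs are assumptions of this example.

```python
import hashlib

DELETED = "0"  # the description states that a deletion results in the hash key 0


def subgraph_hash(blob):
    """Hash key of a stored (still encrypted) subgraph; '0' if it no longer exists."""
    if blob is None:
        return DELETED
    return hashlib.sha256(blob).hexdigest()


class OwnerRegister:
    """Owner-side register of hash keys plus a backup copy of every owned subgraph."""

    def __init__(self):
        self._hashes = {}
        self._backups = {}

    def record(self, subgraph_id, blob):
        """Store the baseline after a write the owner made or accepted."""
        self._hashes[subgraph_id] = subgraph_hash(blob)
        self._backups[subgraph_id] = bytes(blob)

    def audit(self, storage):
        """Compare the actual hash keys in shared storage with the register.

        Works on ciphertext only, so no decryption key is needed to detect
        a change. Returns {subgraph_id: 'modified' | 'deleted'}.
        """
        findings = {}
        for sid, expected in self._hashes.items():
            actual = subgraph_hash(storage.get(sid))
            if actual != expected:
                findings[sid] = "deleted" if actual == DELETED else "modified"
        return findings

    def roll_back(self, storage, subgraph_id):
        """Owner rejects the change: restore the backup into shared storage."""
        storage[subgraph_id] = self._backups[subgraph_id]

    def accept(self, storage, subgraph_id):
        """Owner keeps the change: it becomes the new baseline."""
        if subgraph_id in storage:
            self.record(subgraph_id, storage[subgraph_id])
        else:  # an accepted deletion: stop tracking the subgraph
            self._hashes.pop(subgraph_id, None)
            self._backups.pop(subgraph_id, None)


def demo():
    # Constructed sample data: opaque byte strings stand in for encrypted subgraphs.
    storage = {"N": b"ciphertext-N-v1", "O": b"ciphertext-O-v1"}
    register = OwnerRegister()
    for sid, blob in storage.items():
        register.record(sid, blob)

    storage["N"] = b"ciphertext-N-v2"  # a collaborator holding the key rewrote N
    del storage["O"]                   # any user can delete, with or without a key

    before = register.audit(storage)
    register.accept(storage, "N")      # owner keeps the collaborator's update
    register.roll_back(storage, "O")   # owner restores the deleted subgraph
    after = register.audit(storage)
    return before, after


if __name__ == "__main__":
    print(demo())
```

The audit reports that a subgraph changed, not who changed it, which matches the limitation the description names for several collaborators holding write access.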

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Databases & Information Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Artificial Intelligence (AREA)
  • Computational Linguistics (AREA)
  • Evolutionary Computation (AREA)
  • Computing Systems (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)
US16/536,342 2019-08-09 2019-08-09 Encrypted knowledge graph Active 2040-09-02 US11397825B2 (en)

Priority Applications (6)

Application Number Priority Date Filing Date Title
US16/536,342 US11397825B2 (en) 2019-08-09 2019-08-09 Encrypted knowledge graph
GB2117672.2A GB2599043B (en) 2019-08-09 2020-07-23 Encrypted knowledge graph
PCT/IB2020/056940 WO2021028748A1 (en) 2019-08-09 2020-07-23 Encrypted knowledge graph
DE112020002859.3T DE112020002859T5 (de) 2019-08-09 2020-07-23 Encrypted knowledge graph
JP2022508465A JP2022544484A (ja) 2019-08-09 2020-07-23 Encrypted knowledge graph
US17/806,067 US20220300638A1 (en) 2019-08-09 2022-06-08 Encrypted knowledge graph

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US16/536,342 US11397825B2 (en) 2019-08-09 2019-08-09 Encrypted knowledge graph

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US17/806,067 Continuation US20220300638A1 (en) 2019-08-09 2022-06-08 Encrypted knowledge graph

Publications (2)

Publication Number Publication Date
US20210042438A1 US20210042438A1 (en) 2021-02-11
US11397825B2 true US11397825B2 (en) 2022-07-26

Family

ID=74498938

Family Applications (2)

Application Number Title Priority Date Filing Date
US16/536,342 Active 2040-09-02 US11397825B2 (en) 2019-08-09 2019-08-09 Encrypted knowledge graph
US17/806,067 Pending US20220300638A1 (en) 2019-08-09 2022-06-08 Encrypted knowledge graph

Family Applications After (1)

Application Number Title Priority Date Filing Date
US17/806,067 Pending US20220300638A1 (en) 2019-08-09 2022-06-08 Encrypted knowledge graph

Country Status (5)

Country Link
US (2) US11397825B2 (ja)
JP (1) JP2022544484A (ja)
DE (1) DE112020002859T5 (ja)
GB (1) GB2599043B (ja)
WO (1) WO2021028748A1 (ja)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11455304B2 (en) * 2019-09-20 2022-09-27 Sap Se Graph-based predictive cache
CN113157938B (zh) * 2021-03-25 2022-05-17 支付宝(杭州)信息技术有限公司 Method and apparatus for joint processing of multiple knowledge graphs with protection of private data
US20220405711A1 (en) * 2021-06-16 2022-12-22 9408-5735 Québec Inc. Concept-based collaborative mechanism

Patent Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110138190A1 (en) 2009-12-09 2011-06-09 Microsoft Corporation Graph encryption
US8874930B2 (en) 2009-12-09 2014-10-28 Microsoft Corporation Graph encryption
US20110173455A1 (en) * 2009-12-18 2011-07-14 CompuGroup Medical AG Database system, computer system, and computer-readable storage medium for decrypting a data record
US8887254B2 (en) 2009-12-18 2014-11-11 CompuGroup Medical AG Database system, computer system, and computer-readable storage medium for decrypting a data record
US10164774B2 (en) 2014-05-22 2018-12-25 Puccini World Limited Securing a directed acyclic graph
US20170322977A1 (en) * 2014-11-07 2017-11-09 Hitachi, Ltd. Method for retrieving encrypted graph, system for retrieving encrypted graph, and computer
US9547823B2 (en) * 2014-12-31 2017-01-17 Verizon Patent And Licensing Inc. Systems and methods of using a knowledge graph to provide a media content recommendation
US9940472B2 (en) 2015-01-08 2018-04-10 International Business Machines Corporation Edge access control in querying facts stored in graph databases
US20160203327A1 (en) * 2015-01-08 2016-07-14 International Business Machines Corporation Edge access control in querying facts stored in graph databases
US20180210936A1 (en) * 2016-06-19 2018-07-26 Data.World, Inc. Interactive interfaces to present data arrangement overviews and summarized dataset attributes for collaborative datasets
US10942988B2 (en) * 2017-06-02 2021-03-09 Thinkspan, LLC Zero-knowledge encryption in universal data scaffold based data management platform
US20190020482A1 (en) 2017-07-13 2019-01-17 Pindrop Security, Inc. Zero-knowledge multiparty secure sharing of voiceprints
US20190155961A1 (en) 2017-11-17 2019-05-23 Microsoft Technology Licensing, Llc Resource-Efficient Generation of a Knowledge Graph

Non-Patent Citations (9)

* Cited by examiner, † Cited by third party
Title
"Community structure", WIKIPEDIA, The Free Encyclopedia, <https://en.wikipedia.org/wiki/Community_structure>, last edited Jul. 7, 2019, 10 pages.
"Database encryption", WIKIPEDIA, The Free Encyclopedia, last edited on Jul. 15, 2019, <https://en.wikipedia.org/wiki/Database_encryption>, 8 pages.
"Proxy re-encryption", WIKIPEDIA, The Free Encyclopedia, <https://en.wikipedia.org/wiki/Proxy_re-encryption>, last edited on Nov. 14, 2018, 3 pages.
"Public-key cryptography", WIKIPEDIA, The Free Encyclopedia, <https://en.wikipedia.org/wiki/Public-key_cryptography>, last edited on Jul. 15, 2019, 9 pages.
Joshi et al., "Attribute Based Encryption for Secure Access to Cloud Based EHR Systems", Published in: Proceedings of the IEEE Cloud Conference, 2018, San Francisco, <https://mdsoar.org/bitstream/handle/11603/11344/889.pdf?sequence=1>, 4 pages.
Patent Cooperation Treaty, PCT, International Search Report, Applicant's File Reference P201901450PCT01, International Application No. PCT/IB2020/056940, International Filing Date: Jul. 23, 2020, 3 pages.
Patent Cooperation Treaty, PCT, Written Opinion of the International Searching Authority, Applicant's File Reference: P201901450PCT01, International Application No. PCT/IB2020/056940, International Filing Date: Jul. 23, 2020, 3 pages.
Ravizza et al., "Dynamic Access Control for Knowledge Graph", U.S. Appl. No. 15/894,975, IBM Attorney Docket No. P201705424US01, filed on Feb. 13, 2018, 39 pages.
Scheideler et al., "Secure Zones in Knowledge Graph", U.S. Appl. No. 15/904,532, IBM Attorney Docket No. P201704464US01, filed on Feb. 26, 2018, 43 pages.

Also Published As

Publication number Publication date
GB202117672D0 (en) 2022-01-19
WO2021028748A1 (en) 2021-02-18
US20220300638A1 (en) 2022-09-22
JP2022544484A (ja) 2022-10-19
DE112020002859T5 (de) 2022-02-24
US20210042438A1 (en) 2021-02-11
GB2599043A (en) 2022-03-23
GB2599043B (en) 2023-04-05

Similar Documents

Publication Publication Date Title
US20220300638A1 (en) Encrypted knowledge graph
CN116112274B (zh) Integration of blockchain, management of group authority and access in an enterprise environment
Wan et al. HASBE: A hierarchical attribute-based solution for flexible and scalable access control in cloud computing
TWI532355B (zh) Trustworthy extensible markup language for trustworthy computing and data services
US11610015B2 (en) Managing group authority and access to a secured file system in a decentralized environment
Subbiah et al. A novel approach to view and modify data in cloud environment using attribute-based encryption
US20140115327A1 (en) Trust services data encryption for multiple parties
US20060059544A1 (en) Distributed secure repository
US20140245025A1 (en) System and method for storing data securely
US10120870B2 (en) System and method for searching distributed files across a plurality of clients
Sangeetha et al. Multi keyword searchable attribute based encryption for efficient retrieval of health Records in Cloud
WO2021198750A1 (en) System and method to manage information and documents on a native blockchain network system including permissioned blockchain, storage, sharing, organisation, porting and various applications
Wise et al. Cloud docs: secure scalable document sharing on public clouds
US11804954B2 (en) Encryption key management for an automated workflow
Ananthi et al. FSS-SDD: fuzzy-based semantic search for secure data discovery from outsourced cloud data
US10546142B2 (en) Systems and methods for zero-knowledge enterprise collaboration
Krishna et al. Dynamic cluster based privacy-preserving multi-keyword search over encrypted cloud data
Ren et al. SeGoAC: A tree-based model for self-defined, proxy-enabled and group-oriented access control in mobile cloud computing
Liu et al. A fusion data security protection scheme for sensitive E-documents in the open network environment
Mala et al. Deep multilayer percepted policy attribute Lamport certificateless signcryption for secure data access and sharing in cloud
US20240223375A1 (en) Zero-knowledge encryption architecture for content management systems
Geeta et al. VASD2OM: virtual auditing and secure deduplication with dynamic ownership management in cloud
US11757642B1 (en) Systems and methods for decentralized synchronization and braided conflict resolution
Ahamed Ali et al. A Comprehensive Analysis of Key Management Models in the Cloud: Design, Challenges, and Future Directions
Ajai et al. Hierarchical Multi-Keyword Ranked search for secured document retrieval in public clouds

Legal Events

Date Code Title Description
AS Assignment

Owner name: INTERNATIONAL BUSINESS MACHINES CORPORATION, NEW YORK

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:SCHEIDELER, TIM UWE;UDUPI RAGHAVENDRA, ARJUN;SEUL, MATTHIAS;SIGNING DATES FROM 20190806 TO 20190807;REEL/FRAME:050007/0522

FEPP Fee payment procedure

Free format text: ENTITY STATUS SET TO UNDISCOUNTED (ORIGINAL EVENT CODE: BIG.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

STPP Information on status: patent application and granting procedure in general

Free format text: NON FINAL ACTION MAILED

AS Assignment

Owner name: KYNDRYL, INC., NEW YORK

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:INTERNATIONAL BUSINESS MACHINES CORPORATION;REEL/FRAME:058213/0912

Effective date: 20211118

STPP Information on status: patent application and granting procedure in general

Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER

STPP Information on status: patent application and granting procedure in general

Free format text: NOTICE OF ALLOWANCE MAILED -- APPLICATION RECEIVED IN OFFICE OF PUBLICATIONS

STPP Information on status: patent application and granting procedure in general

Free format text: NOTICE OF ALLOWANCE MAILED -- APPLICATION RECEIVED IN OFFICE OF PUBLICATIONS

STPP Information on status: patent application and granting procedure in general

Free format text: PUBLICATIONS -- ISSUE FEE PAYMENT VERIFIED

STCF Information on status: patent grant

Free format text: PATENTED CASE